CVE-2018-6558 — Google Fscrypt vulnerability

7 documents5 sources

Severity

6.5MEDIUMNVD

EPSS

0.1%

top 65.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Fscrypt Github.com Google Fscrypt THE Fscrypt Project Fscrypt

Timeline

PublishedAug 23

Latest updateJun 23

Description

The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam).

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

▶NVDgoogle/fscrypt< 0.2.4

▶Gogithub.com/google_fscrypt< 0.2.4

▶Debiangoogle/fscrypt< 0.2.4-1+3

▶CVEListV5the_fscrypt_project/fscryptbefore 0.2.4

Patches

Patch: github.com ↗Patch: github.com ↗Patch: launchpad.net ↗

🔴Vulnerability Details

OSV

Privilege Escalation in fscrypt↗2021-06-23

▶

GHSA

Privilege Escalation in fscrypt↗2021-06-23

▶

OSV

Privilege escalation in github.com/google/fscrypt↗2021-04-14

▶

CVEList

CVE-2018-6558: The pam_fscrypt module in fscrypt before 0↗2018-08-23

▶

OSV

CVE-2018-6558: The pam_fscrypt module in fscrypt before 0↗2018-08-23

▶

📋Vendor Advisories

Debian

CVE-2018-6558: fscrypt - The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary a...↗2018

▶